Securing the KMS server on port 1688
We are using server 2012 and have enabled KMS for the client machine within our environment. Recently we recieved the following email from Microsoft "It has come to Microsoft’s attention that your KMS server
(details below) is providing uncontrolled access from the Internet again. This exposes your network to illegal activity, allows software piracy, and is contrary to the Microsoft Product Use Rights". Any help on how to solve this problem. We
have established rules on our dell and sonic firewall. We have issued rules on our filter and it still seems to be leaking. Please advise on the steps to take to correct the problem.
Thanks You
Laurie W "It is all in how you see it"
In the file <OC4JHOME>/config/http-web-site.xml you can change the port number of OC4J to your preference.
<web-site port="8888" ...
Just change this to port="80"
As for your other question, I'm sorry I can't be of any help.
Ole
Similar Messages
-
Can i Host the KMS Server in the Server which is a KMS client of other KMS Server
Hi,
Is it Possiblei can Host the KMS Server in the Server(2012 R2) which is a KMS client of other KMS Server..?
If yes ... Do i need to do any special configuration for that or normal Host configuration is enough..?
Thanks
Balaji KHi Sir,
"The KMS service does not require a dedicated server. The KMS service can be co-hosted with other services, such as Active Directory® Domain Services (AD DS) domain controllers and read-only domain controllers (RODCs).
KMS hosts can also run on physical computers or virtual machines that are running any supported Windows operating system, including Windows Server 2003. Although a KMS host that is running Windows Server 2008 R2 can activate any Windows operating
system that supports Volume Activation, a KMS host that is running Windows 7 can activate only computers running Windows 7 and Windows Vista."
Based on this ,it should work .
If you want to activate a windows server please enable KMS on a server .
"By default, client computers connect to the KMS host for activation by using anonymous RPCs through TCP port 1688. (You can change the default port.) After establishing a TCP session with the KMS host, the client sends a single request packet.
The KMS host responds with the activation count. If the count meets or exceeds the activation threshold for that operating system, the client is activated and the session is closed. The KMS client uses this same process for renewal requests. The communication
each way is 250 bytes."
https://technet.microsoft.com/en-us/library/ff793434.aspx
Also you can change it if that port is used by other service :
https://technet.microsoft.com/en-us/library/ff793407.aspx?f=255&MSPPError=-2147217396
Best Regards,
Elton Ji
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] . -
Communication error with the opmn server local port
Working on 64-bit R12.0.6 on AIX 5L
Application services are not being started properly. They are being started with status 2(sometimes with 4).
Autocinfig is being successfully completed.
Please help me how I can get rid of this error. Following are some of the environment setting details:
ons.conf
nodes=appaix02.us.oracle.com:15007
opmn.xml
<opmn xmlns="http://www.oracle.com/ias-instance">
<notification-server>
<port local="15006" remote="15007" request="15005"/>
opmn.log
OPMN worker process exited with status 4. Restarting
OPMN worker process exited with status 4. Restarting
OPMN worker process exited with status 4. Restarting
OPMN worker process exited with status 4. Restarting
OPMN worker process exited with status 4. Restarting
OPMN worker process exited with status 4. Restarting
ons.log
07/01/11 13:12:02 [4] ONS server initiated
07/01/11 13:12:52 [4] Logging disabled
07/01/11 13:12:53 [4] ONS server initiated
07/01/11 13:13:04 [4] Logging disabled
07/01/11 13:13:04 [4] ONS server initiated
07/01/11 13:13:17 [4] Logging disabled
07/01/11 13:13:28 [4] ONS server initiated
07/01/11 13:13:40 [4] Logging disabled
07/01/11 13:13:41 [4] ONS server initiated
07/01/11 13:14:20 [4] Logging disabled
07/01/11 13:14:21 [4] ONS server initiated
07/01/11 13:14:29 [4] Logging disabled
07/01/11 13:14:29 [4] ONS server initiated
07/01/11 13:14:34 [4] Logging disabled
07/01/11 13:14:34 [4] ONS server initiated
07/01/11 13:15:53 [4] Logging disabled
adopmnctl.txt
10/08/10-23:30:43 :: adopmnctl.sh version 120.4.12000000.3
10/08/10-23:30:43 :: adopmnctl.sh: Stopping Oracle Process Manager (OPMN) and t
he managed processes
opmnctl: stopping opmn and all managed processes...
10/09/10-11:13:41 :: adopmnctl.sh version 120.4.12000000.3
10/09/10-11:13:41 :: adopmnctl.sh: Starting Oracle Process Manager (OPMN)
opmnctl: opmn start failed.
10/09/10-11:15:09 :: adopmnctl.sh: exiting with status 2
adformsctl.txt
opmnctl: stopping opmn managed processes...
10/09/10-11:18:11 :: adformsctl.sh version 120.12.12000000.5
10/09/10-11:18:11 :: adformsctl.sh: starting OPMN if it is not running
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
Communication error with the OPMN server local port.
Check the OPMN log files
opmnctl: opmn start failed.
Please help."A point to add"
I just noticed that following message is being continously receiving in the database alert_log:
Sat Oct 9 16:04:52 2010
WARNING: inbound connection timed out (ORA-3136)
Sat Oct 9 16:05:32 2010
WARNING: inbound connection timed out (ORA-3136)
Sat Oct 9 16:06:30 2010
WARNING: inbound connection timed out (ORA-3136)
Sat Oct 9 16:07:10 2010
WARNING: inbound connection timed out (ORA-3136)
Sat Oct 9 16:09:35 2010
Incremental checkpoint up to RBA [0x1d.1f9928.0], current log tail at RBA [0x1d.1f9a79.0]
Sat Oct 9 16:11:52 2010
WARNING: inbound connection timed out (ORA-3136)
Sat Oct 9 16:29:40 2010
Incremental checkpoint up to RBA [0x1d.1f9b87.0], current log tail at RBA [0x1d.1f9bf4.0]
~
Please help. -
Getting the HTTP server name, port and context name inside the init()
I have a servlet which is initialized when the Web server comes up. Is there any way I can print the complete URL from this servlet?
I am aware that this can be done by using request object. But note that in this case, there is no request object. All we have is the ServletConfig and ServletContext.
Pasting a part of my code here.
public class MyInit extends HttpServlet
private ServletContext m_servletContext = null;
public void init(ServletConfig config) throws ServletException
super.init(config);
m_servletContext = config.getServletContext();
//System.out.println("Print the URL here...")
}Only a request has a URL. It's possible for servlets to be mapped to respond to more than one URL, and the server can be configured to respond to more than one host and at more than one port. So none of those things you are asking for have any meaning without an actual request.
-
Secure the Application Server application
Hello All,
OS: AIX 5.2
DB:10.1.0.4.0
I have secure my application as below:
To secure the DB Control application, I have follow these steps:
cd $OARCLE_HOME/bin
1. Stop the DB Control
$ emctl stop dbconsole
2.Secure the DB Control application
$ emctl secure dbconsole
3. Start DB Control again
$ emctl start dbconsole
after that http become https as below:
http:hostname.dominname:5501/em/console/logon/logon
https://http:hostname.dominname:5501/em/console/logon/logon
Now I need to do this on Application Server.
OS is SuSE Linux Enterprise Server 9.
Infrastructure & middle tier installed on the same box.
Any suggestion will be appriciated.
cheers,
DNCan't you do the same ? (dbconsole becomes iasconsole)
http://download-west.oracle.com/docs/cd/B14099_19/core.1012/b13995/em_app.htm#i690069 -
How to run the oc4j server on port 80
Hi,
We want to run Oc4j on port 80 and do not want to install OHS.
We hava a script, oc4jStartStop, that start and stop the server. It has following file permisions:
-rwsr-sr-x 1 root root 1479 sep 6 10:29 oc4jStartStop
When a non root user starts the server by executing this script we get an error:
19.09.02 09:06: Error starting HTTP-Server: Permission denied
Script starts the java process as follows:
ORION_HOME=/my/orion/catalog/j2ee/home; export ORION_HOME
java -Xmx400m -Dp6.home=$ORION_HOME/lib -jar oc4j.jar &
Any suggestion?
Regards
MayuIn the file <OC4JHOME>/config/http-web-site.xml you can change the port number of OC4J to your preference.
<web-site port="8888" ...
Just change this to port="80"
As for your other question, I'm sorry I can't be of any help.
Ole -
Any way to protect the proxy server(OHS) port
Hi All,
In our environment, we integrated EBS,Liferay (As front end application) with OAM, so now the end url is as below :
http://mycompany.com:7778/product/
So any chance to hide or protect the 7778 port (like http://mycompany.com/product/).
Any idea please,
Thanks in advance,
Regards,
900076.900076 wrote:
Hi All,
In our environment, we integrated EBS,Liferay (As front end application) with OAM, so now the end url is as below :
http://mycompany.com:7778/product/
So any chance to hide or protect the 7778 port (like http://mycompany.com/product/).
Any idea please,
Thanks in advance,
Regards,
900076.Use port 80 -- Please see these docs for details.
How To Configure Apache In R11i (9iAS) to Listen on a Restricted Port Such as 80 or 443 [ID 356080.1]
How To Configure Apache In R12 (10.1.3) To Listen on a Restricted Port Such as 80 or 443 [ID 578001.1]
Unable to login after Changing the Web Port to 80 [ID 1326966.1]
Thanks,
Hussein -
Win7 - Using KMS Server for Office 2010 - How can you query that it's actually using KMS?
Hi All,
Our Desktop Support alerted me to an issue in which a client received a pop-up notification about activating Office within 30 days.
I started to dig into our KMS Service, having inherited it from a prior, now gone for greener pastures colleague of mine.
I see the Office 2010 key on the KMS Server and there is a corresponding DNS SRV record for the Server.
Here is that information:
Name: Microsoft Office 2010, KMSHost edition
Description: Microsoft Office 2010 KMS, VOLUME_KMS channel
Activation ID: bfe7a195-4f8f-4f0b-a622-cf13c7d16864
Application ID: 59a52881-a989-479d-af46-f275c6370663
Extended PID: 55041-00096-199-345382-03-1033-7601.0000-1222013
Installation ID: 021315815071370255435840389124010276914515863061481930
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88342
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88343
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88345
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88344
Partial Product Key: xxxxx
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 2/18/2014 10:34:28 AM
Key Management Service is enabled on this machine
Current count: 10
Listening on Port: 1688
DNS publishing enabled
KMS priority: Normal
Key Management Service cumulative requests received from clients
Total requests received: 26175
Failed requests received: 0
Requests with License Status Unlicensed: 0
Requests with License Status Licensed: 24443
Requests with License Status Initial grace period: 1712
Requests with License Status License expired or Hardware out of tolerance: 12
Requests with License Status Non-genuine grace period: 0
Requests with License Status Notification: 8
Thing is, I try querying for the KMS status on the Win7 machine and there is no entry anywhere that corresponds to Office 2010:
c:\Windows\System32>cscript slmgr.vbs -dli bfe7a195-4f8f-4f0b-a622-cf13c7d16864
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.
Error: product key not found.
Where can I make certain that Win7's Office 2010 is in fact using KMS for licensing? Is it in the registry?
Thank you very much for your time,
Mr MisterHi,
We might consider to use Volume Activation Management Tool to check the Activation Information:
Reporting Activation Information Using Volume Activation Management Tool 2.0
Or we could take a look into the application log for event ID 12288, 12289 as well as 12290. (the 12288 and 12289 should be in pairs: client query-kms response)
More information, please take a look at the below articles:
How to determine whether the KMS server is working
Windows Event Log
Hope this may help
Best regards
Michael
Michael Shao
TechNet Community Support -
Hi All.
I have a 2008 R2 server that has been my active KMS server for a couple of years now. Activates my workstations and office. Just recently I noticed some licensing problems with new builds and traced it back to the KMS server service is not running.
The event log shows event ID 12291 Key Management Service (KMS) Failed to start. I've tried rebooting, restarting the software protection service and this event will not show up until I try using slmgr.vbs to view status. I can't find anything
to help me troubleshoot. No changes recently on the server. The only thing I noticed was a problem pulling updates from our WSUS server including some .NET 4 updates. So I updated from windows update, but that didn't help either. Any
thought on where to look next?
Log Name: Application
Source: Microsoft-Windows-Security-SPP
Date: 8/28/2014 3:57:28 PM
Event ID: 12291
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: ITMGMT2.company.com
Description:
Key Management Service (KMS) failed to start.
Info:
hr=0xC0020029
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-SPP" Guid="{E23B33B0-C8C9-472C-A5F9-F2BDFEA0F156}" EventSourceName="Software Protection Platform Service" />
<EventID Qualifiers="16384">12291</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-08-28T22:57:28.000000000Z" />
<EventRecordID>683643</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>ITMGMT2.company.com</Computer>
<Security />
</System>
<EventData>
<Data>hr=0xC0020029</Data>
</EventData>
</Event>Hi,
I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
Thanks for your understanding and support.
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
FRM-41213 : Error raised by a form when launching report on the same server
Hello !
I get this error FRM-41213 when launching a report via rp2rro.rp2rro_run_product.
I don't want to set the report server in a var or property into a library or a form cause my app is to be sent to customers who will not have the sources files.
This app is a migration from an app 10g to 11g.
In 10g whe hadn't to set the ReportServerURL ... But in 11g it can't be ok if we don't set the server URL (with the URL it's ok)
The 11g Report server is running on port 9002, and the form server on port 9001 on the same machine. But the two server are accessible by an ohs on port 8888.
What the f**k ?
:)Hi
I don't run my reports using rp2rro.rp2rro_run_product but in both 10g and in 11g have always needed to specify the name of the report server.
We have used different methods for different clients/customers. At times we have stored this name in a table in the application, other times in a pre-defined file on the server which we read using text_io.
HTH
Tony -
"Unauthorized Host" error when you try to connect to the admin server
"Unauthorized Host" error when you try to connect to the admin server
<p>
If you see this error message when you try to connect to a Netscape
administration server:<P>
Internal Error
The administration server was unable to fulfill your request.
Reason: Unauthorized host
--------------------------<P>
Here is how to solve the problem and gain access. First you should
temporarily open access to all sites, and then once you make sure that
this lets you get into your administration server, try again to set up
the domain name or IP address access restrictions you want.<P>
For all 2.x/3.x Netscape servers on Windows NT and Unix, or for Commerce and
Communications servers (1.x) on Unix:<P>
<OL>
<LI>Open the "ns-admin.conf" file with a text editor. You can
find this file in the "admserv" directory under your Netscape
server root. The directory is named "admin-serv" in 3.x servers.<P>
<LI>Delete the "Hosts" and "Addresses" lines you see there (either one
of them might not be present). Don't confuse the "Addresses" line,
which you should delete, with the "Address" line, which you should NOT
delete.<P>
<LI>Save the file, then restart your administration server (on Unix run
"stop-admin" then "start-admin"; on Windows NT go into the Services
control panel and stop/start the "Netscape Admin Server" service).<P>
</OL><P>
For Commerce Server or Communications Server (1.x) on Windows NT:<P>
<OL>
<LI>Go into the registry editor. On Windows NT 4.0, run the command
"regedit". On Windows 3.51, run the command
"regedt32".<P>
<LI>Navigate down to the section
"HKEY_LOCAL_MACHINE\SOFTWARE\Netscape\Administration".<P>
<LI>Delete the "Hosts" and "Addresses" entries you see there (either one
of them might not be present). Don't confuse the "Addresses" entry,
which you should delete, with the "Address" entry, which you should NOT
delete.<P>
<LI>Close the registry editor, then restart your administration server
by going into the Services control panel and stopping then starting the
"Netscape Administration" service.<P>
</OL>
Now try again to access your administration server. Remember, the URL
will be something like "http://servername:12345/", where
"12345" is where the administration server's port number goes.<P>
If you still get the same "Unauthorized host" error, then make sure that
your "ns-admin.conf" file really doesn't contain any "Hosts" or
"Addresses" lines any more, and try stopping your administration server
again then starting it back up.<P>
Once you have access to your administration server, you can try again to
set up the access controls you want.<P>
<UL>
<LI>For the administration server on a 3.x server installation, select
"Admin Preferences" from the General Administration page (the first page
you see when you connect to the admin server), then click on "Superuser Access
Control" and enter hostname and IP address restrictions. If you want
allow access to multiple clients, you'll have to use wildcard patterns
(separate the subsrings with a pipe character, like
"(host1|host2|host3)"); the substrings must be enclosed in parentheses, as shown.
If you're setting up hostname restrictions, you'll need to make sure that
your DNS can resolve those hostnames -- it's generally safer to stick
with IP address restrictions. When you're finished configuring this,
click "OK" then restart your admin server.<P>
<LI>For the administration server on a 2.x server installation, select
"Configure Administration" from the Server Selector page (the first page
you see when you connect to the admin server), then click on "Access
Control" and enter hostname and IP address restrictions. If you want
allow access to multiple clients, you'll have to use wildcard patterns
(separate the subsrings with a pipe character, like
"(host1|host2|host3)"); the substrings must be enclosed in parentheses, as shown.
If you're setting up hostname restrictions, you'll need to make sure that
your DNS can resolve those hostnames -- it's generally safer to stick
with IP address restrictions. When you're finished configuring this,
click "OK" then restart your admin server.<P>
<LI>For the administration server on a 1.x server installation, select
"Configure Administration Server" from the bottom of the Server Manager
page, then enter hostname and IP address restrictions. If you want
allow access to multiple clients, you'll have to use wildcard patterns
(separate the substrings with a pipe character, like
"(host1|host2|host3)"); the substrings must be enclosed in parentheses, as shown.
If you're setting up hostname restrictions, you'll need to make sure that your
DNS can resolve those hostnames -- it's generally safer to stick with IP address
restrictions.
When you're finished configuring this, click "Make These Changes" then
restart your admin server.<P>
</UL><P>
If you still find yourself getting an "Unauthorized host" error message,
you can use the above steps to open up access and try different
settings.<P>"Unauthorized Host" error when you try to connect to the admin server
<p>
If you see this error message when you try to connect to a Netscape
administration server:<P>
Internal Error
The administration server was unable to fulfill your request.
Reason: Unauthorized host
--------------------------<P>
Here is how to solve the problem and gain access. First you should
temporarily open access to all sites, and then once you make sure that
this lets you get into your administration server, try again to set up
the domain name or IP address access restrictions you want.<P>
For all 2.x/3.x Netscape servers on Windows NT and Unix, or for Commerce and
Communications servers (1.x) on Unix:<P>
<OL>
<LI>Open the "ns-admin.conf" file with a text editor. You can
find this file in the "admserv" directory under your Netscape
server root. The directory is named "admin-serv" in 3.x servers.<P>
<LI>Delete the "Hosts" and "Addresses" lines you see there (either one
of them might not be present). Don't confuse the "Addresses" line,
which you should delete, with the "Address" line, which you should NOT
delete.<P>
<LI>Save the file, then restart your administration server (on Unix run
"stop-admin" then "start-admin"; on Windows NT go into the Services
control panel and stop/start the "Netscape Admin Server" service).<P>
</OL><P>
For Commerce Server or Communications Server (1.x) on Windows NT:<P>
<OL>
<LI>Go into the registry editor. On Windows NT 4.0, run the command
"regedit". On Windows 3.51, run the command
"regedt32".<P>
<LI>Navigate down to the section
"HKEY_LOCAL_MACHINE\SOFTWARE\Netscape\Administration".<P>
<LI>Delete the "Hosts" and "Addresses" entries you see there (either one
of them might not be present). Don't confuse the "Addresses" entry,
which you should delete, with the "Address" entry, which you should NOT
delete.<P>
<LI>Close the registry editor, then restart your administration server
by going into the Services control panel and stopping then starting the
"Netscape Administration" service.<P>
</OL>
Now try again to access your administration server. Remember, the URL
will be something like "http://servername:12345/", where
"12345" is where the administration server's port number goes.<P>
If you still get the same "Unauthorized host" error, then make sure that
your "ns-admin.conf" file really doesn't contain any "Hosts" or
"Addresses" lines any more, and try stopping your administration server
again then starting it back up.<P>
Once you have access to your administration server, you can try again to
set up the access controls you want.<P>
<UL>
<LI>For the administration server on a 3.x server installation, select
"Admin Preferences" from the General Administration page (the first page
you see when you connect to the admin server), then click on "Superuser Access
Control" and enter hostname and IP address restrictions. If you want
allow access to multiple clients, you'll have to use wildcard patterns
(separate the subsrings with a pipe character, like
"(host1|host2|host3)"); the substrings must be enclosed in parentheses, as shown.
If you're setting up hostname restrictions, you'll need to make sure that
your DNS can resolve those hostnames -- it's generally safer to stick
with IP address restrictions. When you're finished configuring this,
click "OK" then restart your admin server.<P>
<LI>For the administration server on a 2.x server installation, select
"Configure Administration" from the Server Selector page (the first page
you see when you connect to the admin server), then click on "Access
Control" and enter hostname and IP address restrictions. If you want
allow access to multiple clients, you'll have to use wildcard patterns
(separate the subsrings with a pipe character, like
"(host1|host2|host3)"); the substrings must be enclosed in parentheses, as shown.
If you're setting up hostname restrictions, you'll need to make sure that
your DNS can resolve those hostnames -- it's generally safer to stick
with IP address restrictions. When you're finished configuring this,
click "OK" then restart your admin server.<P>
<LI>For the administration server on a 1.x server installation, select
"Configure Administration Server" from the bottom of the Server Manager
page, then enter hostname and IP address restrictions. If you want
allow access to multiple clients, you'll have to use wildcard patterns
(separate the substrings with a pipe character, like
"(host1|host2|host3)"); the substrings must be enclosed in parentheses, as shown.
If you're setting up hostname restrictions, you'll need to make sure that your
DNS can resolve those hostnames -- it's generally safer to stick with IP address
restrictions.
When you're finished configuring this, click "Make These Changes" then
restart your admin server.<P>
</UL><P>
If you still find yourself getting an "Unauthorized host" error message,
you can use the above steps to open up access and try different
settings.<P> -
KMS server: Office2010 & Win7 react in different ways...
Hi,
we have a virtual infrastructure using Win7 and Office 2010.
Before introducing Office2010, the KMS host was on a Win2008 server, then we decided to move it to a Win7 machine with the Office2010 extension installed. KMS functions were disabled from the Win2008 server.
What happens now is that Win7 OSs are regularly activated by KMS, while Office2010 installations are not... we have verified that the old KMS is no more publishing itself on DNS and that the correct DNS entry is present for the Win7 KMS host. Using nslookup
for further verification also gives the correct results.
Nevertheless, Office 2010 is unable to activate itself on the desktops. We are able to activate the Office2010 instances just using the VAMT tool, forcing the KMS activation for the selected desktops AND manually forcing the IP of the KMS server: when leaving
the tool search the KMS (using the DNS), it fails. Since (as stated before) nslookup gives the expected results (on the same machine where VAMT is installed and failing!), we really don't know what to do... everything seems to be ok, but actually it isn't:
where?
Thank you for your helpI was just looking through questions with no replies. Do you still need assistance with this issue?
Chris Ream -
New command for radius-server source-ports
I am trying to find the new command fro radius-server source-ports 1645-1646 since it appears to be depricated. We use tacacs so we do not have the radius server specified but we do need to put in the ports. Can someone please tell me the new command for radius-server source-ports?
ThanksBoth of the links that Peter posted are interesting and helpful. I would like to take a slightly different approach in answering your question.
In every version of IOS there are certain commands that get inserted into running-config when a particular feature is activated. It looks like in your version the radius-server source-ports is one of those commands. I do not think it is anything that you should be concerned about.
And I do not believe that having the radius-server source-ports command would prevent TACACS from working. I believe that there is likely to be some fault in your configuration. If you would post the aaa parts of the config then maybe we could see what the problem is.
In my experience configuring aaa some of the common problems include not correctly identifying the TACACS server, not having exactly the same key configured on the Cisco device and the TACACS server, not having connectivity to the TACACS server (can the Cisco device ping the server, and can the server ping the device), or errors in the authentication or authorization prameters specified.
Post some information and we will see what we can do.
HTH
Rick -
Getting Application server's Port number
Hi
from where we can get the application server's port number. i have forgot the port number of my AS
thanks%ORACLE_HOME%\install\portlist.ini
-
Not able to remove "radius-server-source-port-1645-1646"
Hii Guys! I'm trying to remove the "radius-server-source-port -1645-1646" command but it's not happening.. Command executes but it's still showing up in running configuration...... It's on 2960 switch running 12.2 lanbasek9 IOS.
Hmm..... That's not the case.... Tried this already
Even I've seen its kinda default command in some old IOS....... But not getting a firm URL or link to confirm it..... So not sure if it's issue with IOS or something else
Maybe you are looking for
-
Iphone 3, sync'd with Exchange, sent mail goes to draft folder
Sent Mail (Exchange Account), is going to the drafts folder
-
I have MacBook Air and have been using Apple TV with i with no problem until a recent update for Apple TV. Now the picture and sound jump every few seconds and its not a streaming issue. can anyone help? I have tried restarting.
-
How to have sticky column headers in a large list?
I have a list in sharepoint 2013. It was created from a Microsoft Access database and so it displays like a spreasheat type list. It is quite large and it would be nice to make the column headers "sticky" so that when you scroll down the page/list
-
How to fix java exclamation point when loading a game
hi so i just got my macbook out of repair because of my hardrive failiong and they installed a new one and i had no back up of my operating system so they put it in for me. My software is on 10.6.8 and i have java 1.6.0_51-b11-457. Know when i try to
-
CS5 - Layer links get lost when copying/duplicating to another psd-file
Hello, Following problem when using Photoshop Extended CS5 12.0.4 on OSX 10.6 described as example situation: 1) You have a psd file with several layers and/or groups. 2) Let's say 1 layer (N1) is linked to another layer(N2) in that file and a furth